[U-Boot] U-Boot, cache speculation side channel attacks and ARM
Mark Kettenis
mark.kettenis at xs4all.nl
Fri Jan 19 22:21:44 UTC 2018
> Date: Fri, 19 Jan 2018 16:56:14 -0500
> From: Tom Rini <trini at konsulko.com>
>
> Hey all,
>
> So, now that things have quieted down a little bit in this area, I've
> been wondering about something. Over on the U-Boot side of things, are
> there changes we need to make in order to support the kernel side of the
> various mitigations properly? I know that for example currently
> https://developer.arm.com/support/security-update talks about ATF
> patches, in the context of AArch64 however. But on the other hand for
> variant 2, there's nothing listed on the Linux side for 32bit ARM, but
> there is for non-Linux OSes.
>
> And, in the event I'm also missing something else entirely that we need
> to do here, is there something that we need to be doing? Or is it still
> too early at this point in time to know?
I think that for AArch32, the following bit advice is relevant:
For Cortex-A15, set ACTLR[0]==1 from early initialization of the
processor, and invalidate the branch predictor by performing an
ICIALLU instruction.
For now OpenBSD assumes that "the firmware" sets ACTLR[0] since this
register may be read-only in non-secure mode. And unless I missed
something Linux makes the same assumption.
If U-Boot provides the PSCI implementation it should probably flush
the BTB on affected 32-bit processors and should defenitely flush on
64-bit processors.
More information about the U-Boot
mailing list